Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dawid golunski vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-27955
Git LFS 2.12.0 allows Remote Code Execution.
Git Large File Storage Project Git Large File Storage 2.12.0
21 Github repositories
9.8
CVSSv3
CVE-2016-10034
The setFrom function in the Sendmail adapter in the zend-mail component prior to 2.4.11, 2.5.x, 2.6.x, and 2.7.x prior to 2.7.2, and Zend Framework prior to 2.4.11 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary c...
Zend Zend Framework
Zend Zend-mail 2.6.2
Zend Zend-mail 2.7.0
Zend Zend-mail 2.7.1
Zend Zend-mail 2.5.0
Zend Zend-mail
Zend Zend-mail 2.6.0
Zend Zend-mail 2.6.1
Zend Zend-mail 2.5.1
Zend Zend-mail 2.5.2
3 EDB exploits
3 Github repositories
9.8
CVSSv3
CVE-2016-10074
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer prior to 5.4.5 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the ...
Swiftmailer Swiftmailer
3 EDB exploits
3 Github repositories
1 Article
9.8
CVSSv3
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
120 Github repositories
9.8
CVSSv3
CVE-2016-10045
The isMail transport in PHPMailer prior to 5.2.20 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the ...
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
3 EDB exploits
91 Github repositories
8.8
CVSSv3
CVE-2017-7692
SquirrelMail 1.4.22 (and other versions prior to 20170427_0200-SVN) allows post-authentication remote code execution via a sendmail.cf file that is mishandled in a popen call. It's possible to exploit this vulnerability to execute arbitrary shell commands on the remote serve...
Squirrelmail Squirrelmail 1.4.22
1 EDB exploit
8.6
CVSSv3
CVE-2016-6483
The media-file upload feature in vBulletin prior to 3.8.7 Patch Level 6, 3.8.8 before Patch Level 2, 3.8.9 before Patch Level 1, 4.x prior to 4.2.2 Patch Level 6, 4.2.3 before Patch Level 2, 5.x prior to 5.2.0 Patch Level 3, 5.2.1 before Patch Level 1, and 5.2.2 before Patch Leve...
Vbulletin Vbulletin 4.2.3
Vbulletin Vbulletin 3.8.8
Vbulletin Vbulletin 5.2.2
Vbulletin Vbulletin 4.2.2
Vbulletin Vbulletin 3.8.9
Vbulletin Vbulletin 3.8.7
Vbulletin Vbulletin 5.2.0
Vbulletin Vbulletin 5.2.1
1 EDB exploit
1 Article
8.6
CVSSv3
CVE-2016-4264
The Office Open XML (OOXML) feature in Adobe ColdFusion 10 before Update 21 and 11 before Update 10 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via a crafted OOXML spreadsheet containing an external entity declaration in conjunct...
Adobe Coldfusion
1 EDB exploit
2 Github repositories
8.1
CVSSv3
CVE-2016-7098
Race condition in wget 1.17 and previous versions, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Gnu Wget
1 EDB exploit
7.8
CVSSv3
CVE-2016-1255
The pg_ctlcluster script in postgresql-common package in Debian wheezy prior to 134wheezy5, in Debian jessie prior to 165+deb8u2, in Debian unstable prior to 178, in Ubuntu 12.04 LTS prior to 129ubuntu1.2, in Ubuntu 14.04 LTS prior to 154ubuntu1.1, in Ubuntu 16.04 LTS prior to 17...
Debian Postgresql-common 11
Debian Postgresql-common 12
Debian Postgresql-common 13
Debian Postgresql-common 14
Debian Postgresql-common 28
Debian Postgresql-common 29
Debian Postgresql-common 30
Debian Postgresql-common 31
Debian Postgresql-common 44
Debian Postgresql-common 7
Debian Postgresql-common 9
Debian Postgresql-common 16
Debian Postgresql-common 18
Debian Postgresql-common 23
Debian Postgresql-common 45
Debian Postgresql-common 46
Debian Postgresql-common 47
Debian Postgresql-common 61
Debian Postgresql-common 62
Debian Postgresql-common 63
Debian Postgresql-common 64
Debian Postgresql-common 78
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »